https://tumeplay.fabrique.social.gouv.fr

Mise à jour il y a : environ 6 heures

Copie d'écran de https://tumeplay.fabrique.social.gouv.fr
Mozilla HTTP observatory
Rapport détaillé

Scan Summary :

Impact
Description
Documentation
Content Security Policy (CSP) header not implementedDoc Content Security Policy. L'extension github.com/april/laboratory permet de générer la CSP pour votre application.
Initial redirection from HTTP to HTTPS is to a different host, preventing HSTS-

Scan Summary :


Expiration : 22/04/2022

Nuclei
Séverité
id
Name
Matcher
http-missing-security-headersHTTP Missing Security Headerscross-origin-opener-policy
http-missing-security-headersHTTP Missing Security Headersaccess-control-expose-headers
http-missing-security-headersHTTP Missing Security Headersaccess-control-max-age
http-missing-security-headersHTTP Missing Security Headersaccess-control-allow-methods
http-missing-security-headersHTTP Missing Security Headersreferrer-policy
http-missing-security-headersHTTP Missing Security Headerscross-origin-embedder-policy
http-missing-security-headersHTTP Missing Security Headersclear-site-data
http-missing-security-headersHTTP Missing Security Headerscross-origin-resource-policy
http-missing-security-headersHTTP Missing Security Headersaccess-control-allow-origin
http-missing-security-headersHTTP Missing Security Headersaccess-control-allow-credentials
http-missing-security-headersHTTP Missing Security Headerscontent-security-policy
http-missing-security-headersHTTP Missing Security Headersx-permitted-cross-domain-policies
can-i-take-over-dns-fingerprintCan I Take Over DNS - Fingerprintazure
api-iterableIterable API Test